09.09.22

Cyber Intel Brief: Sept 1 – 7, 2022

By Eric Ford

Threat Actors

PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks

Impacted Industries: All

What You Need To Know:

SentinelOne published a report on a recent phishing campaign by a little-known threat actor that targets PyPI package maintainers in order to infect downstream users with the JuiceStealer malware.


Threat Actor

Raspberry Robin and Dridex: Two Birds of a Feather

Impacted Industries: Utilities, Manufacturing, and Transportation and Warehousing

What You Need To Know:

A recent IBM report asserts a link between malware spread by USB devices and a Russia-based cybercriminal group. The report shows that infections spiked in early June and that, by early August, there were attempts to infect clients in the oil and gas, manufacturing, and transportation industries.


Threat Actor

TA505 Group’s TeslaGun In-Depth Analysis

Impacted Industries: Finance and Insurance; but group targets all sectors

What You Need To Know:

The PRODAFT threat intelligence team identified a financially motivated threat group’s control panel. Through the control panel, PRODAFT was able to glean insight into how the organization works.


Threat Landscape

EvilProxy Phishing-As-A-Service With MFA Bypass Emerges In Dark Web

Impacted Industries: All

What You Need To Know:

Resecurity has identified a new Phishing-as-a-Service (PhaaS) advertised on the Dark Web. Their report details the structure, modules, functions, and network infrastructure used to conduct malicious activity and how the service can bypass MFA.


Malware

SafeBreach Labs Researchers Uncover New Remote Access Trojan (RAT)

Impacted Industries: All

What You Need To Know:

SafeBreach Labs discovered a previously unknown remote access trojan. During their investigation, SafeBreach identified the developer, who had published the source code to their public GitHub account.


Ransomware

#StopRansomware: Vice Society

Impacted Industries: Education Services

What You Need To Know:

The FBI, CISA, and the Multi-State Information Sharing and Analysis Center released a joint Cybersecurity Advisory regarding Vice Society activity identified through investigations as recently as September 2022.


Exploited Vulnerabilities

Mirai Variant MooBot Targeting D-Link Devices

Impacted Industries: All

What You Need To Know:

Palo Alto’s Unit 42 researchers discovered attacks leveraging several vulnerabilities in D-Link devices. The exploit attempts captured by Unit 42 led to the spread of a botnet that targets exposed networking devices running Linux.


What We Mean When We Say

Estimates of Likelihood

We use probabilistic language to reflect the Intel Team’s estimates of the likelihood of developments or events because analytical judgments are not certain. Terms like “probably,” “likely,” “very likely,” and “almost certainly” denote a higher than even chance. The terms “unlikely” and “remote” imply that an event has a lower than even chance of occurring; they do not imply that it will not. Terms like “might” and “may” reflect situations where we are unable to assess the likelihood, usually because relevant information is lacking, sketchy, or fragmented. Terms like “we can’t dismiss,” “we can’t rule out,” and “we can’t discount” refer to an unlikely, improbable, or distant event with significant consequences.

Confidence in Assessments

Our assessments and projections are based on data that varies in scope, quality, and source. As a result, we assign our assessments high, moderate, or low levels of confidence, as follows:

  • High confidence indicates that our decisions are based on reliable information and/or that the nature of the problem allows us to make a sound decision. However, a “high confidence” judgment is not a fact or a guarantee, and it still carries the risk of being incorrect.
  • Moderate confidence denotes that the information is credible and plausible, but not of high enough quality or sufficiently corroborated to warrant a higher level of assurance.
  • Low confidence indicates that the information’s credibility and/or plausibility are in doubt, that the information is too fragmented or poorly corroborated to make solid analytic inferences, or that we have serious concerns or problems with the sources.
